Lucene search
+L

8 matches found

OSV
OSV
added 2022/05/13 1:26 a.m.19 views

GHSA-X9FV-C87W-55WC Improper Control of Generation of Code in Apache Camel

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

6.8CVSS6.2AI score0.08523EPSS
Exploits0References21
Veracode
Veracode
added 2019/05/02 4:58 a.m.19 views

Directory Traversal

camel-core is vulnerable to directory traversal. The file producer does not validate file names before creating, allowing an attacker to write or overwrite files outside of the starting directory...

7.5CVSS7.5AI score0.08482EPSS
Exploits1References11Affected Software1
RedHat Linux
RedHat Linux
added 2014/03/05 7:5 p.m.8 views

Camel: remote code execution via header field manipulation

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

6.8CVSS7.7AI score0.08523EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/03/03 6:25 p.m.6 views

Camel: remote code execution via header field manipulation

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

6.8CVSS7.7AI score0.08523EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/12/19 10:49 p.m.6 views

Camel: remote code execution via header field manipulation

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

6.8CVSS7.7AI score0.08523EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/10/07 5:13 p.m.7 views

Camel: remote code execution via header field manipulation

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

6.8CVSS7.7AI score0.08523EPSS
Exploits0References4
Cvelist
Cvelist
added 2013/10/04 5:0 p.m.33 views

CVE-2013-4330

Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple" in a CamelFileName message header to a 1 FILE or 2 FTP producer...

9.7AI score0.08523EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2013/10/04 12:0 a.m.8 views

PT-2013-4959 · Apache · Apache Camel

Name of the Vulnerable Software and Affected Versions: Apache Camel versions 2.9.0 through 2.9.6 Apache Camel versions 2.10.0 through 2.10.6 Apache Camel versions 2.11.0 through 2.11.1 Apache Camel version 2.12.0 Description: The issue allows remote attackers to execute arbitrary simple language...

6.8CVSS9.6AI score0.08523EPSS
Exploits0References24
Rows per page
Query Builder